> ******************************
> Widely-Deployed Software
> ******************************
>
> (1) CRITICAL: Microsoft Data Access Components Buffer
> Overflow (MS07-009)
> Affected:
> Microsoft Windows 2000/XP/2003
>
> Description: The Microsoft Data Access Components (MDAC) is used to
> access databases and other data storage systems, and is installed by
> default on Microsoft Windows. The "ADODB.Connection" ActiveX control,
> installed as part of MDAC, contains a buffer overflow vulnerability. A
> web page that instantiates this control could exploit this
> overflow and
> execute arbitrary code with the privileges of the current user.
> Technical details and a working exploit for this vulnerability are
> publicly available. Additionally, exploit code targeting arbitrary
> ActiveX controls is widely available and easily adaptable to take
> advantage of this vulnerability. Other vulnerabilities in
> MDAC have been
> widely exploited in the past.
>
> Status: Microsoft confirmed, updates available.
>
> Council Site Actions: All of the reporting council sites are
> responding
> to the Microsoft issues in the same manner. They plan to
> distribute the
> patches during their next regularly scheduled system
> maintenance window.
> Some sites will use accelerated update pushes for higher criticality
> items.
>
> References:
> Microsoft Security Bulletin
>
> SANS ISC Microsoft Analysis
>
> Proof of Concept
>
> Microsoft Security Response Center Blog Posting
>
> SecurityFocus BID
>
>
> ****************************************************************
>
> (2) CRITICAL: Microsoft Office Multiple Vulnerabilities (MS07-015)
> Affected:
> Microsoft Office 2000/XP/2003
> Microsoft Project 2000/2002
> Microsoft Visio 2002
> Microsoft Office 2004 for Mac
>
> Description: Microsoft Office contains multiple vulnerabilities:
> (1) A specially-crafted Microsoft PowerPoint file could trigger an
> invalid memory access and execute arbitrary code with the
> privileges of
> the current user. This vulnerability was originally discussed in
> Microsoft Security Bulletins MS06-062 and MS06-058, but the
> fix provided
> in those bulletins was not effective.
> (2) A specially-crafted Microsoft Excel file could trigger an invalid
> memory access and execute arbitrary code with the privileges of the
> current user. It is believed that this vulnerability is related to
> MS07-014. This vulnerability is known to be attacked by at least two
> viruses, the "Trojan.Mdropper.Y" and "Exploit-MSExcel.h" viruses.
>
> Note that the vulnerable file types are not opened without
> prompting in
> any version of Microsoft Office after Office 2000. Both of
> these issues
> were discussed previously in @RISK. Both of these vulnerabilities have
> been previously publicly disclosed, and are therefore greater targets
> for exploitation.
>
> Status: Microsoft confirmed, updates available.
>
> Council Site Actions: All of the reporting council sites are
> responding
> to the Microsoft issues in the same manner. They plan to
> distribute the
> patches during their next regularly scheduled system
> maintenance window.
> Some sites will use accelerated update pushes for higher criticality
> items.
>
> References:
> Microsoft Security Bulletin
>
> Symantec Writeup ("Trojan.Mdropper.Y")
>
> sp?docid=2007-020717-0252-99
> Previous @RISK Entries
>
>
> SecurityFocus BIDs
>
>
>
> ****************************************************************
>
> (3) CRITICAL: Microsoft Word Multiple Vulnerabilities (MS07-014)
> Affected:
> Microsoft Word 2000/2002/2003
> Microsoft Works Suite 2004/2005/2006
> Microsoft Office 2004 for Mac
>
> Description: Microsoft Word contains multiple memory corruption
> vulnerabilities that arise from the way Word parses documents
> containing
> data structures such as drawing objects, strings etc. In addition,
> certain specially crafted Word files containing macros will execute
> those macros without any user prompting. These vulnerabilities can
> result in arbitrary code execution with the privileges of the current
> user. Several working exploits and proofs-of-concept are publicly
> available, and some of these flaws have been being actively exploited
> prior to the announcement of this bulletin. Two of these
> vulnerabilities are being exploited by the "Trojan.Mdropper.X" and
> "Trojan.Mdropper.Y" viruses.
>
> Status: Microsoft confirmed, updates available.
>
> Council Site Actions: All of the reporting council sites are
> responding
> to the Microsoft issues in the same manner. They plan to
> distribute the
> patches during their next regularly scheduled system
> maintenance window.
> Some sites will use accelerated update pushes for higher criticality
> items.
>
> References:
> Microsoft Security Bulletin
>
> Proofs of Concept (Word documents)
>
>
> 22006-djtest.doc
> Symantec Writeup ("Trojan.Mdropper.X" and "Trojan.Mdropper.Y")
>
> sp?docid=2007-020717-0252-99
>
> sp?docid=2007-013010-5422-99
> Microsoft Security Response Center Blog Posting (discusses
> active exploitation of some flaws)
>
> rent-word-vulnerability-reports.aspx
> Posting by Juha-Matti Laurio
>
> Previous @RISK Entries
>
>
> SecurityFocus BIDs
>
>
>
>
>
>
>
>
>
> ***************************************************************
>
>
> (4) CRITICAL: Microsoft HTML Help ActiveX Control Code
> Execution Vulnerability (MS07-008)
> Affected:
> Microsoft Windows 2000/XP/2003
>
> Description: Microsoft HTML Help is Microsoft's standard
> format for help
> documents. The Microsoft HTML Help ActiveX control, used to view these
> documents, contains a buffer overflow vulnerability. A web page that
> instantiates this control could trigger this overflow and execute
> arbitrary code with the privileges of the current user. Full technical
> details for this vulnerability are not believed to be publicly
> available, but similar exploits have been widely exploited in
> the past.
> Reusable exploit code targeting arbitrary ActiveX controls is widely
> available and easily adaptable.
>
> Status: Microsoft confirmed, updates available.
>
> Council Site Actions:
> All of the reporting council sites are responding to the Microsoft
> issues in the same manner. They plan to distribute the patches during
> their next regularly scheduled system maintenance window. Some sites
> will use accelerated update pushes for higher criticality items.
>
> References:
> Microsoft Security Bulletin
>
> SecurityFocus BID
>
>
> ****************************************************************
>
> (5) CRITICAL: Microsoft Malware Protection Engine Integer
> Overflow (MS07-010)
> Affected:
> Microsoft Windows Live OneCare
> Microsoft Antigen for Exchange and for SMTP Gateway versions 9.x
> Microsoft Windows Defender
> Microsoft Forefront Security
>
> Description: The Microsoft Malware Protection Engine, used by various
> Microsoft products to scan for and detect malware, contains an integer
> overflow vulnerability. A specially-crafted Portable Document Format
> (PDF) file could trigger this vulnerability and execute arbitrary code
> with the privileges of the process accessing the document (typically
> SYSTEM). In many cases (for example, email gateways that automatically
> scan attachments), no user interaction is necessary to exploit this
> vulnerability. Malicious documents could be delivered to vulnerable
> systems via email, web, instant messaging, peer-to-peer file sharing,
> etc.
>
> Status: Microsoft confirmed, updates available.
>
> Council Site Actions: All of the reporting council sites are
> responding
> to the Microsoft issues in the same manner. They plan to
> distribute the
> patches during their next regularly scheduled system
> maintenance window.
> Some sites will use accelerated update pushes for higher criticality
> items.
>
> References:
> Microsoft Security Bulletin
>
> IBM X-Force Entry
>
> &menutype=menupublic
> SecurityFocus BID
>
>
> ****************************************************************
>
> (6) CRITICAL: Microsoft Internet Explorer Multiple
> Vulnerabilities (MS07-016)
> Affected:
> Microsoft Windows 2000/XP/2003
>
> Description: Microsoft Internet Explorer contains multiple
> vulnerabilities:
> (1) Microsoft Internet Explorer contains a memory corruption
> vulnerability when instantiating certain Component Object Model (COM)
> objects. A web page that instantiates one of these vulnerable objects
> could exploit this vulnerability and execute arbitrary code with the
> privileges of the current user. Available exploit code can be easily
> modified to attack the vulnerable objects.
> (2) Microsoft Internet Explorer contains a memory corruption
> vulnerability in the parsing of File Transfer Protocol (FTP)
> responses.
> A malicious FTP server could trigger this vulnerability and execute
> arbitrary code with the privileges of the current user. Though this
> vulnerability affects Internet Explorer's FTP functionality, it can be
> exploited just as other Internet Explorer vulnerabilities have been
> exploited: a website that provides a link to the malicious FTP server
> could exploit this vulnerability.
>
> Status: Microsoft confirmed, updates available.
>
> Council Site Actions: All of the reporting council sites are
> responding
> to the Microsoft issues in the same manner. They plan to
> distribute the
> patches during their next regularly scheduled system
> maintenance window.
> Some sites will use accelerated update pushes for higher criticality
> items.
>
> References:
> Microsoft Security Bulletin
>
> SecurityFocus BIDs
>
>
>
>
> ****************************************************************
>
> (7) HIGH: Microsoft OLE Dialog Memory Corruption (MS07-011)
> Affected:
> Microsoft Windows 2000/XP/2003
>
> Description: The Microsoft Object Linking and Embedding (OLE) Dialog
> component, contains a memory corruption vulnerability. A
> specially-crafted Rich Text Format (RTF) document that embeds an OLE
> component could exploit this vulnerability and execute arbitrary code
> with the privileges of the current user. The Microsoft
> security bulletin
> says the user must interact with the embedded component to trigger the
> vulnerability.
>
> Status: Microsoft confirmed, updates available.
>
> Council Site Actions: All of the reporting council sites are
> responding
> to the Microsoft issues in the same manner. They plan to
> distribute the
> patches during their next regularly scheduled system
> maintenance window.
> Some sites will use accelerated update pushes for higher criticality
> items.
>
> References:
> Microsoft Security Bulletin
>
> Wikipedia Article on Object Linking and Embedding
>
> Security Focus BID
>
>
> ****************************************************************
>
> (8) HIGH: Microsoft MFC Memory Corruption (MS07-012)
> Affected:
> Microsoft Windows 2000/XP/2003
> Microsoft Visual Studio .NET 2002/2003
>
> Description: The Microsoft MFC component, shipped with
> Microsoft Windows
> and Microsoft Visual Studio .NET, contains a memory corruption
> vulnerability. A specially-crafted Rich Text Format (RTF)
> document that
> embeds an Object Linking and Embedding (OLE) component could exploit
> this vulnerability and execute arbitrary code with the
> privileges of the
> current user. According to the security bulletin, the user
> must interact
> with the embedded component to trigger the vulnerability.
> This issue is
> believed to be related to MS07-011, above.
>
> Status: Microsoft confirmed, updates available.
>
> Council Site Actions: All of the reporting council sites are
> responding
> to the Microsoft issues in the same manner. They plan to
> distribute the
> patches during their next regularly scheduled system
> maintenance window.
> Some sites will use accelerated update pushes for higher criticality
> items.
>
> References:
> Microsoft Security Bulletin
>
> Wikipedia Article on Object Linking and Embedding
>
> Security Focus BID
>
>
> ****************************************************************
>
> (9) HIGH: Microsoft RichEdit Memory Corruption (MS07-012)
> Affected:
> Microsoft Windows 2000/XP/2003
>
> Description: The Microsoft RichEdit component contains a memory
> corruption vulnerability. A specially-crafted Rich Text Format (RTF)
> document that embeds a Object Linking and Embedding (OLE) component
> could exploit this vulnerability and execute arbitrary code with the
> privileges of the current user. According to the security
> bulletin, the
> user must interact with the embedded component to trigger the
> vulnerability. This issue is believed to be related to
> MS07-011, above.
>
> Status: Microsoft confirmed, updates available.
>
> Council Site Actions: All of the reporting council sites are
> responding
> to the Microsoft issues in the same manner. They plan to
> distribute the
> patches during their next regularly scheduled system
> maintenance window.
> Some sites will use accelerated update pushes for higher criticality
> items.
>
> References:
> Microsoft Security Bulletin
>
> Wikipedia Article on Object Linking and Embedding
>
> Security Focus BID
>
>
> ****************************************************************
>
> (11) MODERATE: PHP Multiple Vulnerabilities
> Affected:
> PHP 5.x versions prior to 5.2.1
> PHP 4.x versions prior to 4.4.5
>
> Description: PHP contains multiple remotely-exploitable
> vulnerabilities.
> Specially-crafted requests could trigger these vulnerabilities and
> potentially lead to arbitrary code execution with the
> privileges of the
> PHP process, arbitrary file overwrites, denials-of-service, and other
> conditions. According to the PHP advisory, some of these
> vulnerabilities
> are remotely exploitable. While no in-depth technical information has
> been published, because PHP is open source, technical details can be
> obtained via source code analysis.
>
> Status: PHP confirmed, updates available. Versions 4.4.5 and 5.2.1
> released to fix the flaws.
>
> Council Site Actions:
> Not officially in use here. Non-corporate users advised to update.
>
> References:
> PHP Update Announcement
>
>
> SecurityFocus BID
>
>
> ****************************************************************
>
> (13) HIGH: Microsoft Interactive Training Buffer Overflow (MS07-005)
> Affected:
> Microsoft Step-by-Step Interactive Training
>
> Description: Microsoft Step-by-Step Interactive Training,
> used to train
> end users using a variety of methods, contains a buffer overflow
> vulnerability. A specially-crafted bookmark file (a file used by the
> Interactive Training system to store links to topics and other
> information) could exploit this vulnerability. Successfully exploiting
> this vulnerability would allow the attacker to execute arbitrary code
> with the privileges of the current user. Note that, depending on the
> configuration, bookmark files may be automatically opened without
> prompting. Some technical details for this vulnerability are publicly
> available.
>
> Status: Microsoft confirmed, updates available.
>
> Council Site Actions: All of the reporting council sites are
> responding
> to the Microsoft issues in the same manner. They plan to
> distribute the
> patches during their next regularly scheduled system
> maintenance window.
> Some sites will use accelerated update pushes for higher criticality
> items.
>
> References:
> Microsoft Security Bulletin
>
> Posting by Brett Moore (includes some technical details)
>
> SecurityFocus BID
>
>
> ****************************************************************
> **********
> Patches
> **********
>
> (17) PATCH: Sun Solaris/SunOS Telnet Daemon Authentication
> Bypass Vulnerability
>
> Description: The Sun Solaris/SunOS telnet daemon
> vulnerability discussed
> in last week's issue of @RISK has been patched by Sun. Users
> are advised
> to apply this patch as quickly as possible.
>
> References:
> Sun Security Advisory
>
> Previous @RISK Entry
>
>
> **************************************************************
> *********
> 07.8.1 CVE: Not Available
> Platform: Windows
> Title: Trend Micro OfficeScan Client ActiveX Control Remote Buffer
> Overflow
> Description: Trend Micro OfficeScan is an integrated enterprise-level
> security product that protects against viruses, spyware, worms, and
> blended threats. It is exposed to a remote buffer overflow
> issue because
> the application fails to properly bounds check user-supplied data
> before copying it into an insufficiently sized memory buffer. Trend
> Micro OfficeScan Corporate Edition versions 7.0 and 7.3 are affected.
> Ref:
>
> _en_securitypatch_1344_readme.txt
> ______________________________________________________________________
>
> 07.8.2 CVE: Not Available
> Platform: Windows
> Title: Comodo Firewall Flawed Component Control Cryptographic Hash
> Description: Comodo is a firewall application. Comodo Firewall is
> prone to a component control cryptographic hash issue because of a
> design error. Comodo Firewall Pro versions 2.4.17.183 and 2.4.16.174,
> and Comodo Personal Firewall version 2.3.6.81 are affected.
> Ref:
>
> ia-weak-hash-function-exploitation.php
> ______________________________________________________________________
> ______________________________________________________________________
>
> 07.8.6 CVE: CVE-2007-0211
> Platform: Windows
> Title: Microsoft Windows Shell Hardware Detection Service Privilege
> Escalation
> Description: Microsoft Windows Shell Hardware Detection service is
> used to detect and register new hardware. The service is prone to a
> local privilege escalation vulnerability due to a lack of proper input
> validation on an unspecified function parameter.
> Microsoft Windows XP Tablet PC Edition SP2 and prior versions are
> affected.
> Ref:
> ______________________________________________________________________
> ______________________________________________________________________
>
> 07.8.8 CVE: CVE-2007-0210
> Platform: Windows
> Title: Microsoft Windows Image Acquisition Service Privilege
> Escalation
> Description: Microsoft Windows Image Acquisition (WIA) service enables
> communication between imaging programs and imaging devices. The
> service is prone to a vulnerability due to an unchecked buffer. See
> the advisory for details.
> Ref:
> ______________________________________________________________________
>
> 07.8.9 CVE: CVE-2007-0026
> Platform: Windows
> Title: Microsoft Windows OLE Dialog Remote Code Execution
> Description: Rich Text Files (RTF) provide a format for text and
> graphic interchange that can be used within different operating
> systems and operating devices. OLE is the technology that is used to
> create and edit compound documents and provides embedding and linking
> support. Please refer to the link below for further details.
> Ref:
> ______________________________________________________________________
>
> 07.8.10 CVE: CVE-2007-0870
> Platform: Microsoft Office
> Title: Microsoft Word 2000/2002 Remote Code Execution
> Description: Microsoft Word is prone to a remote code execution
> vulnerability that arises because of a memory corruption
> vulnerability. Microsoft Word 2002 SP3 and prior versions are
> affected. Refer to the advisory for details.
> Ref:
>
> ______________________________________________________________________
>
> 07.8.11 CVE: CVE-2007-0671
> Platform: Microsoft Office
> Title: Microsoft Excel Remote Denial of Service
> Description: Microsoft Excel is a spreadsheet application that is part
> of the Microsoft Office suite. It is reportedly prone to a denial of
> service vulnerability because when the application handles a specially
> crafted spreadsheet file it results in a NULL pointer dereference.
> Microsoft Excel 2003 SP3 and earlier versions are affected.
> Ref:
> ______________________________________________________________________
>
> 07.8.12 CVE: CVE-2007-0208
> Platform: Microsoft Office
> Title: Microsoft Word Macro Permissions Bypass Arbitrary Code
> Execution
> Description: Microsoft Word is prone to a remote code execution
> vulnerability because the application fails to handle maliciously
> crafted Word files. Microsoft Works Suite 2006 and prior versions are
> affected. Refer to the advisory for details.
> Ref:
> ______________________________________________________________________
>
> 07.8.13 CVE: CVE-2007-0209
> Platform: Microsoft Office
> Title: Microsoft Word Malformed Drawing Object Arbitrary Code
> Execution
> Description: Microsoft Word is prone to a remote code execution
> vulnerability because the application fails to handle maliciously
> crafted Word files containing a malformed drawing object. See the
> advisory for details.
> Ref:
> ______________________________________________________________________
>
> 07.8.14 CVE: CVE-2007-0032
> Platform: Microsoft Office
> Title: Microsoft Office and Microsoft Windows RichEdit Component
> Remote Code Execution
> Description: Microsoft Office and Microsoft Windows are prone to a
> remote code execution vulnerability. This issue occurs when the
> RichEdit OLE component included with Microsoft Windows and Microsoft
> Office does not perform sufficient validation when parsing specially
> crafted OLE objects embedded within Rich Text Files (RTF).
> Please refer to the link below for further details.
> Ref:
> ______________________________________________________________________
>
> 07.8.15 CVE: CVE-2006-4697
> Platform: Other Microsoft Products
> Title: Microsoft Internet Explorer IMJPCKSI COM Object Instantiation
> Memory Corruption
> Description: Microsoft Internet Explorer is prone to a memory
> corruption vulnerability. The vulnerability arises because of the way
> Internet Explorer attempts to instantiate certain COM objects as
> ActiveX controls. Versions 6.0 and prior are affected.
> Ref:
>
>
> ______________________________________________________________________
>
> 07.8.16 CVE: CVE-2007-0217
> Platform: Other Microsoft Products
> Title: Microsoft Internet Explorer FTP Server Response Parsing Memory
> Corruption
> Description: Microsoft Internet Explorer is prone to a memory
> corruption vulnerability when parsing certain FTP server responses.
> This issue occurs when Internet Explorer follows FTP URIs and attempts
> to process responses returned from malicious servers. Internet
> Explorer 6.0 and earlier are affected. Refer to the advisory
> for details.
> Ref:
> ______________________________________________________________________
>
> 07.8.17 CVE: CVE-2007-0219
> Platform: Other Microsoft Products
> Title: Microsoft Internet Explorer COM Object Instantiation Variant
> Memory Corruption
> Description: Microsoft Internet Explorer is prone to a memory
> corruption vulnerability. The vulnerability arises because of the way
> Internet Explorer attempts to instantiate certain COM objects as
> ActiveX controls. The COM objects may let remote attackers corrupt
> process memory and facilitate arbitrary code execution in the context
> of the currently logged-in user on the affected computer. Please
> refer to the link below for further details.
> Ref:
> ______________________________________________________________________
>
> 07.8.18 CVE: CVE-2006-3448
> Platform: Other Microsoft Products
> Title: Microsoft Step by Step Interactive Training Buffer Overflow
> Description: Microsoft Step by Step Interactive Training is an engine
> used for various interactive training titles provided by various
> vendors. Microsoft Step by Step Interactive Training is prone to a
> buffer overflow vulnerability because it fails to bounds check
> user-supplied data before copying it into an insufficiently sized
> buffer.
> Ref:
>
>
> ______________________________________________________________________
>
> 07.8.19 CVE: CVE-2007-0025
> Platform: Other Microsoft Products
> Title: Microsoft MFC Embedded OLE Object Remote Code Execution
> Description: Rich Text Files (RTF) provide a format for text and
> graphic interchange that can be used within different operating
> systems and operating devices. Please refer to the Microsoft advisory
> for further details.
> Ref:
> ______________________________________________________________________
>
> 07.8.20 CVE: CVE-2007-0214
> Platform: Other Microsoft Products
> Title: Microsoft HTML Help ActiveX Control Remote Code Execution
> Description: Microsoft HTML Help ActiveX control is a program for
> inserting help navigation and secondary window functionality into HTML
> files. See the advisory for details.
> Ref:
> ______________________________________________________________________
>
> 07.8.21 CVE: CVE-2006-5270
> Platform: Other Microsoft Products
> Title: Microsoft Antivirus Engine Integer Overflow
> Description: Microsoft Antivirus Engine is prone to an integer
> overflow vulnerability. This issue occurs when the application
> processes maliciously crafted PDF files. Versions of Microsoft Windows
> Live OneCare and prior are affected. Please refer to
> Microsoft Advisory
> for further details.
> Ref:
> ______________________________________________________________________
>
> 07.8.22 CVE: Not Available
> Platform: Other Microsoft Products
> Title: Microsoft Internet Explorer JavaScript Key Filtering Variant
> Description: Microsoft Internet Explorer is prone to a JavaScript key
> filtering vulnerability due to the failure of the browser to securely
> handle keystroke input from users.
> Microsoft Internet Explorer 6.0 SP1 and prior versions are affected.
> Ref:
>
> ______________________________________________________________________
>
> 07.8.23 CVE: Not Available
> Platform: Other Microsoft Products
> Title: Microsoft Internet Explorer for Windows Mobile Remote WML
> Content Denial of Service
> Description: Microsoft Windows Mobile is an operating system for smart
> phones and PDAs. It includes various embedded versions of applications
> including Office and Internet Explorer. Internet Explorer for Windows
> Mobile is prone to a remote denial of service vulnerability because
> the software fails to properly handle malformed remote data. Microsoft
> Windows Mobile version 5.0 is affected.
> Ref:
>
> ______________________________________________________________________
>
> 07.8.24 CVE: Not Available
> Platform: Third Party Windows Apps
> Title: Mozilla Firefox Location.Hostname Dom Property Cookie Theft
> Description: Mozilla Firefox is prone to a cookie theft vulnerability
> which arises because the application fails to sufficiently sanitize
> user-supplied input. This issue affects version 2.0.0.1.
> Ref:
>
> ______________________________________________________________________
>
> 07.8.26 CVE: Not Available
> Platform: Third Party Windows Apps
> Title: Mozilla Firefox JavaScript Key Filtering Variant
> Description: Mozilla Firefox is prone to a JavaScript key filtering
> vulnerability. This issue is due to the failure of the browser to
> securely handle keystroke input from users. Mozilla Firefox versions
> 1.5.0.9 and 2.0.0.1 are affected.
> Ref:
>
>
>
> ______________________________________________________________________
>
> 07.8.27 CVE: Not Available
> Platform: Third Party Windows Apps
> Title: Roaring Penguin Software MIMEDefang Unspecified Remote Buffer
> Overflow
> Description: MIMEDefang is an email filter intended to protect Windows
> clients. MIMEDefang is prone to a buffer overflow vulnerability
> because the application fails to properly bounds-check unspecified
> user-supplied data. This issue affects versions 2.59 and 2.60.
> Ref:
>
> uary/032011.html
>
> ______________________________________________________________________
>
> 07.8.33 CVE: CVE-2007-0882
> Platform: Solaris
> Title: Sun Solaris Telnet Remote Authentication Bypass
> Description: Sun Solaris is vulnerable to a bypass authentication
> issue because the telnet process passes switches to the login process
> which can bypass authentication. Sun Solaris versions 10.0 and 11.0
> are affected.
> Ref:
>
> 2-1&searchclause=
> ______________________________________________________________________
>
> 07.8.37 CVE: CVE-2007-0898
> Platform: Cross Platform
> Title: ClamAV MIME Header ID Parameter String Directory Traversal
> Description: ClamAV is an antivirus toolkit. The application is
> exposed to a directory traversal vulnerability because it fails to
> properly sanitize user-supplied directory traversal strings ("../") in
> the "id" string taken from MIME headers in a multipart email message.
> Versions prior to the 0.90 stable release are affected.
> Ref:
> .
> php?id=476
> ______________________________________________________________________
>
> 07.8.38 CVE: CVE-2007-0451
> Platform: Cross Platform
> Title: SpamAssassin Long URI Handling Remote Denial of Service
> Description: SpamAssassin is a mail filter designed to identify and
> process spam. It is exposed to a remote denial of service
> vulnerability when the application handles excessively long URIs
> included in message content. SpamAssassin versions prior to 3.1.8 are
> affected.
> Ref:
>
> d/announcements/3.1.8.txt
> ______________________________________________________________________
>
> 07.8.39 CVE: CVE-2007-0897
> Platform: Cross Platform
> Title: ClamAV CAB File Remote Denial of Service
> Description: ClamAV is an antivirus application designed for scanning
> email traffic over mail gateways. It is exposed to a denial of service
> issue because it fails to sufficiently handle cabinet header data.
> Versions prior to 0.90 stable are vulnerable.
> Ref:
> .
> php?id=475
> ______________________________________________________________________
> 07.8.90 CVE: CVE-2007-0859
> Platform: Hardware
> Title: Palm OS Treo Find Feature Information Disclosure
> Description: Palm OS Treo smartphones are vulnerable to a local
> information disclosure issue because the software fails to properly
> secure access to certain features when locked. The following devices
> are known to be affected: Cingular Treo 650, Treo650-1.03a-VZW and
> Treo650-1.12-SPCS, Cingular Treo 680 and Sprint/Verizon Treo 700p.
> Ref:
